bfcd8d3922eb942e22792340e4fef821069a2d42cbde76e6194b7e52c3ef9584[.]zip

General

Target

bfcd8d3922eb942e22792340e4fef821069a2d42cbde76e6194b7e52c3ef9584.zip
Size

64KB
MD5

13fd8bdb2c31f38a9a86646c7550c40b
SHA1

42d8d1747d1fa9fe554f92d9b5f542955277d444
SHA256

4f522de9f13aeab56fbd6abdf4aa0e38b4427388de0ae4a1655e3fbb98661dee
SHA512

922d83cc288921c62c475a097775062521469079574245ce9df247be25df3b9db9ff65ccdebd8512cb93b03804335033d1b396abc045298fd9e74380b548afd9
SSDEEP

1536:Jmnwd+7s+QxNY+dt5b+tkSf3Mv9+JzNC0iLGp16D/yqa6FFB52S3:Jmnwd4s+QxNY+JytkcMv9mB4pB5/3

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/scandy.bin

bfcd8d3922eb942e22792340e4fef821069a2d42cbde76e6194b7e52c3ef9584.zip
.zip

Password: infected
bfcd8d3922eb942e22792340e4fef821069a2d42cbde76e6194b7e52c3ef9584.zip
.zip

Password: infected
scandy.bin
.exe windows:5 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\crysis\Release\PDB\payload.pdb

Imports

kernel32

LoadLibraryA
GetProcAddress

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE